Scanned pages/files
| Request | Server response | Status |
http://onlinestores99.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Sat, 26 Dec 2015 04:15:37 GMT Location: http://www.onlinestores99.com/ Server: nginx/1.8.0 Content-Length: 306 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.onlinestores99.com/ | 200 OK Content-Length: 7569 Content-Type: text/html | suspicious |
Deface/Content modification. The following signature was found: Hacked By 1337 Hunter ...[2613 bytes skipped]... 00px; height:340px; -moz-transition: all 0.8s ease-in-out; -webkit-transition: all 0.8s ease-in-out; -o-transition: all 0.8s ease-in-out; -ms-transition: all 0.8s ease-in-out; transition: all 0.8s ease-in-out; } #spinstyle1 img:hover{ -moz-transform: rotate(360deg); -webkit-transform: rotate(360deg); -o-transform: rotate(360deg); -ms-transform: rotate(360deg); transform: rotate(360deg); } </style> <title>Hacked By 1337 Hunter</title> <body bgcolor="#000000"><onload=type_text() onclick='alert("1337 Hunter is Here, Dont Try To Cheat")'> <onload="teclear();"oncontextmenu='return false;' onkeydown='return false;' onmousedown='return false;'> <div align="center" id="spinstyle1"><img src="http://i.imgur.com/RzFe4dE.png"></div> <div align="center" id="element"><p>You Got Hacked By 1337 Hunter</p></div> <div id="hacker" align="cen ...[4516 bytes skipped]... | ||
http://www.onlinestores99.com/test404page.js | 404 Not Found Content-Length: 12839 Content-Type: text/html | clean |
http://code.jquery.com/jquery-1.9.1.js | 200 OK Content-Length: 268381 Content-Type: application/javascript | clean |
http://suspended.hostgator.com/js/simple-expand.min.js | 200 OK Content-Length: 2782 Content-Type: text/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: onlinestores99.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 26 Dec 2015 04:15:37 GMT
Location: http://www.onlinestores99.com/
Server: nginx/1.8.0
Content-Length: 306
Content-Type: text/html; charset=iso-8859-1
...306 bytes of data.
GET / HTTP/1.1
Host: onlinestores99.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sat, 26 Dec 2015 04:15:37 GMT
Location: http://www.onlinestores99.com/
Server: nginx/1.8.0
Content-Length: 306
Content-Type: text/html; charset=iso-8859-1
...306 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: onlinestores99.com
Referer: http://www.google.com/search?q=onlinestores99.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: onlinestores99.com
Referer: http://www.google.com/search?q=onlinestores99.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=onlinestores99.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://onlinestores99.com/
Result: onlinestores99.com is not infected or malware details are not published yet.
Result: onlinestores99.com is not infected or malware details are not published yet.